modeling embedded systems - university of california, … · 2017-02-16 · –...

1

Modeling Embedded Systems

Tajana Simunic Rosing

Department of Computer Science and Engineering

University of California, San Diego.

2 Tajana Simunic Rosing

ES Design

Verification and Validation

HardwareHardware components


Models, Languages and Tools

Sequent.

program

State

machine

Data-

flow

Concurrent

processes

C/C++Verilog Java VHDL

Implementation

A

Implementation

B

Implementation

C

Components of a formal design model

• Functional specification

– Relationships between inputs, outputs & states

• Properties

– Relations between I/O/S that can be checked against the functional specification

– 3 types: inherent in model of computation, those that can be verified syntactically & semantically for a given specification

• Performance indices

– Evaluate quality of design

• Constraints

– On performance indices, usually inequalities

4

Design process

Design:

• A set of components interacting with each other and with the environment that is not a part of design

Model of Computation (MOC):

• Defines the behavior and interaction of the design blocks

Design process:

• Takes a model at a higher level of abstraction and refines it to a lower level along with mapping constraints, performance indices and properties to the same level

Validation:

• Process of checking if design is correct

– Simulation/emulation, formal verification of specification or implementation

Synthesis:

• Design refinement where more abstract specifications are translated into less abstract specifications

5


Models of Computation Elements

• State

– e.g. in HW :

• Combinational states: one state for a given time t

• Sequential states: multiple states possible for time t

• Decidability

– Can a property be determined in a finite amount of time?

• Concurrency and communication

– Embedded systems usually have coordinated concurrent processes -> communication required


Modes of Communication


Communication

– Blocking

…

send ()

…

…

receive ()

…

…

send ()

…

…

receive ()

…

…

send ()

…

…

receive ()

…

ack

…process a {

..

P(S) //obtain lock

.. // critical section

V(S) //release lock

}

process b {

..

P(S) //obtain lock

.. // critical section

V(S) //release lock

}

Message Passing

Non-blocking

Shared memory

Extended

rendezvous

Models of computation comparison

Communication/

local computations

Shared

memory

Message passing

Synchronous | Asynchronous

Communicating finite

state machines

StateCharts SDL

Data flow (Not useful) Kahn networks,

DFG, SDF

Petri nets various versions of Petri Nets

Discrete event (DE)

models

VHDL*,

Verilog*,

SystemC*, …

Only experimental systems, e.g.

distributed DE in Ptolemy

Von Neumann

models+

C, C++, Java C, C++, Java & libraries, ADA

*Classification based on implementation with centralized data structures+Consists of a processing unit, control unit and storage for instructions & data


Model of Computation Examples• State machine models

– FSMs, StateCharts , SDL

• Petri nets

• Communicating processes– Kahn processes, Communicating Sequential Processes

• Ada

• Dataflow models– DFG, SDFG

• Discrete event models– VHDL, Verilog, SystemC, SpecC

• Synchronous languages – Cycle based models, Esterel, Lustre


Classical automata

• Moore-automata:

O = H(S); S+ = f(I, S)

• Mealy-automata

O = H(I, S); S+ = f(I, S)

Internal state Sinput I output O

S0 S1

S2S3

e=1

e=1

e=1

e=1

0 1

23

clock


Finite-state machines (FSMs)

Idle

GoingUp

req > floor

req < floor

!(req > floor)

!(timer < 10)

req < floor

DoorOpen

GoingDn

req > floor

u,d,o, t = 1,0,0,0

u,d,o,t = 0,0,1,0

u,d,o,t = 0,1,0,0

u,d,o,t = 0,0,1,1

u is up, d is down, o is open

req == floor

!(req<floor)

timer < 10

t is timer_start

Elevator Control process using a state machine


Elevator Control with Fire Mode

• FireMode – When fire is true, move elevator to 1st floor and open door

Idle

GoingUp

req>floor

req<floor

!(req>floor)

timeout(10)

req<floor

DoorOpen

GoingDn

req>floor

u,d,o = 1,0,0

u,d,o = 0,0,1

u,d,o = 0,1,0

req==floor

!(req<floor)

fire

fire

fire

fire

FireGoingDn

floor>1

u,d,o = 0,1,0

u,d,o = 0,0,1

!fire

FireDrOpen

floor==1

fire

u,d,o = 0,0,1

UnitControl


Models of Computation

• State Machine Models– FSM, StateCharts , CFSM, SDL

• Petri nets

• Communicating Processes– Kahn processes, Communicating Sequential Processes

• Ada


• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC



StateCharts: Hierarchy


Back to Elevator Example

fire

!fireFireGoingDn

floor>1

u,d,o = 0,1,0

FireDrOpen

floor==1

fire

FireMode

u,d,o = 0,0,1

Idle

GoingUp

req>floor

req<floor

!(req>floor)

timeout(10)

req<floor

DoorOpen

GoingDn

req>floor

u,d,o = 1,0,0

u,d,o = 0,0,1

u,d,o = 0,1,0

req==floor

!(req>floor)

u,d,o = 0,0,1

NormalMode

UnitControl

NormalMode

FireMode

fire!fir

e

UnitControl

ElevatorController

RequestResolver

...


StateCharts: Default state


StateCharts: History


History & default state

same meaning


StateCharts: Concurrency


Conditional Transitions


StateCharts: Timers


Example: Answering machine

24

StateCharts: edge labels

event [condition] / reaction

Events: Exist only until the next evaluation of the model

Can be either internally or externally generated

Conditions: Refer to values of variables that keep their value until they are

reassigned

Reactions: Can either be assignments for variables

or creation of events

Example: service-off [not in Lproc] / service:=0


Propagations and BroadcastsSource: B. P. Douglass & iLogix


StateCharts: Simulation

Status= values of all variables + set of events + current time

Step = execution of the three phases

Status phase 2

Three phases:

1.Effects of external changes on events and conditions are evaluated,

2.The set of transitions to be made in the current step and right hand

sides of assignments are computed,

3.Transitions become effective, variables obtain new values.

StateCharts Simulation Example

Statecharts – Example 1


A B C

ef

gh

D

km

A B C

D

g

fh

e

k

kkm

Equivalent FSM

Representation

Statechart

Example

Statecharts – Example 2


A B

f

g

n Ek

mC D

h

Statechart

Example

AC AD BC BD

E

nn

f f

gg

h h

mm

m mk Equivalent FSM

Representation

StateCharts to FSM



StateCharts: Application Examples

• Power converter system for trams, metros & trains

– System-level modeling and automated code generation

– Guarantee latencies less than 10 microseconds

– Cut development time by 50%

– Time from design completion to first prototype down to 1hr from 3 months

– Defect free code automatically generated for a number of RTOS implementations

By Alstom



• Development of defibrillator and pacemaker technology

– Model system behavior before requirements are finalized

– Check that SW provides mathematically consistent representation of the product’s system – correct and unambiguous representation of model behavior

– More accurate and extensive verification – guarantee device works 100% of the time for at least 7-10yrs

– Cut product verification costs by 20%

– 15-20% overall cost reduction per projects on future development

By Guidant CRM



• Jet engine electronic controller design– System level specification and consistency check

– Construction of on-screen simulation of the cockpit display

– Evaluate correctness in normal and faulty operation modes

– Project so successful that now StateCharts are used for:• Independent overspeed protection system

• Thrust reverse control system

• Engine fuel control system

By BMW


StateCharts: Summary• Hierarchy• AND- and OR-super states• Default state, History• Timing behavior• State oriented behavior• Edge labels• Concurrency• Synchronization & communication

– Broadcast, shared memory

• Simulation

• Cross compiling



• State Machine Models– FSM, StateCharts , SDL

• Petri nets


• Ada




Specification & Description Language (SDL)

• Designed for specification of distributed systems.

• Dates back to early 70s,formal semantics defined in the late 80s, updates from 1984 to 1999 by International Telecommunication Union (ITU)

• Provides textual and graphical formats

• Similar to StateCharts, each FSM is called a process, but it uses message passing instead of shared memory for communication

• Supports operations on data

SDL-representation of FSMs/processes

output

input

state

Communication among SDL-FSMs• Communication between FSMs (or “processes“)

is based on message-passing, assuming a potentially indefinitely large FIFO-queue.

Each process

fetches next entry

from FIFO,

checks if input

enables transition,

if yes: transition

takes place,

if no: input is ignored

(exception: SAVE-

mechanism).

Determinate?• Let tokens be arriving at FIFO at the same time:Order in which they are stored is unknown:

All orders are legal so simulators can show different behaviors for the

same input, all of which are correct.

Operations on data• Variables can be declared locally for processes.

• Their type can be predefined or defined in SDL itself.

• SDL supports abstract data types (ADTs)

Process interaction diagrams• Interaction between processes can be described in process

interaction diagrams, which are a special case of block diagrams

• In addition to processes, these diagrams contain channels and declarations of local signals.

,

B

Hierarchy in SDL• Process interaction diagrams can be included in blocks. The

root block is called system.

Processes cannot contain other processes, unlike in StateCharts.

Timers

• Timers can be declared locally

• Elapsed timers put signal into queue, but are not necessarily processed immediately; RESET removes a timer from FIFO-queue

Description of network protocols

Vending machine example

Machine sells pretzels, chips, cookies, &

doughnuts

Accepts nickels, dime, quarters, and half-dollars

It is not a distributed application.

° [J.M. Bergé, O. Levia, J. Roullard: High-Level System Modeling, Kluwer Academic Publishers, 1995]

Overall view of vending machine

Decode Requests

p

Chip Handler

no

yes

yes

no


SDL: Real World Examples

• FlexRay RTIO protocol specification

• ADSL design

– Ideal language for telecom design; communication between components and their different states of operation can be easily modeled with SDL

– Object orientation and automatic code generation significantly simplified system design verification

– Early testing done on SDL – significant savings in the cost of expensive test equiptment

By Siemens

SDL summary

– FSM model for the components,

– Non-blocking message passing for communication,

– Implementation requires bound for the maximum length of FIFOs; may be very difficult to compute,

– Not necessarily determinate

– Timer concept adequate just for soft deadlines,

– Limited way of using hierarchies,

– Limited programming language support,

– No description of non-functional properties,

– Excellent for distributed applications (used for ISDN),

– Commercial tools available (see http://www.sdl-forum.org)



• State Machine Models– FSM, StateCharts , SDL, CFSM

• Petri nets


• Ada




Petri net definitions

• H2OExample

52 Tajana Simunic RosingSource: Murata’89


Petri net – Train tracks model


Concurrency, Causality, Choice

Petri nets: confusion

• Concurrency & conflict lead to confusion….

– Symmetric

– Asymmetric



Conflict for resource „track“


Communication Protocol


Producer-Consumer Problem


Producer-Consumer with Priority

Modeling synchronization control when sharing resources Multiprocessor CPUs, distributed systems

Petri net definitions

• H2OExample



Petri Net Properties

• Behavioral– Reachability

• Marking M reachable from marking Mo

– k - Boundedness• Number of tokens in each place does not exceed finite number k

• Safe if 1-bounded

– Liveness• A transition is live if it can never deadlock.

• A transition is deadlocked if it can never fire.

• Structural – Controlability

• Any marking can be reached from any other marking

– Structural boundednes

– Conservativeness – weighted sum of tokens constant


PN Properties - Reachability


PN Properties – Deadlock-free

Petri Net Liveness

• L0-live (dead): a particular transition can never fire

– In the figure below, t0 can never fire

• see reachability graph

Petri Net Liveness

• L1-live: a particular transition can fire at least once for some firing sequence

– In the figure below, t1 can only fire once, for some firing sequence

Petri Net Liveness

• L2-live: a particular transition can fire k times for a particular firing sequence, for any k.

– In the figure below, t2 can only fire once, twice, etc, for different firing sequences

Petri Net Liveness

• L3-live: a particular transition can fire infinitely in a particular firing sequence.

– In the figure below, t3 can fire infinitely for the firing sequence t3, t3, t3, t3,…

– Note that the number of times t1 and t2, fire is finite for any firing sequence.


PN Properties - Boundedness


PN Properties - Conservation


Petri Nets - Analysis

• Structural

– Incidence matrix

• State Space Analysis techniques

– Coverability Tree

– Reachability Graph


PN Properties – Analysis

Incident

Matrix

State

Equations


Petri Nets – Coverability Tree

Example• Assume

– e=6

– Mo=[0 12]

• Can we reach M=[6 0] from Mo?

• Can it be statically scheduled?

• What size buffers are needed at P1 & P2?


P1

P2

T1 T2

32

4 e

Petri net problem

Consider the Petri net defined by:

P = { p1, p2, p3}

T = { t1, t2, t3}

A = { (p1 t1) (p1 t3) (p2 t1) (p2 t2) (p3 t3) (t1 p2) (t1 p3) (t2 p3) (t3 p1) (t3 p2)}

With all weights being one except w(p1 t1) = 2


Draw a Petri net that describes a game in which there is an urn with black and red balls. In each round the player takes two balls:

– If both are black, then the player returns one black

– If both are red, then the player returns one red

– If one is red and one is black, then the player returns one red.


Urn Game with Petri Nets


Petri nets: Applications

• Model, simulate and analyze networking protocols (e.g. TCP, Ethernet, etc)

• Model, simulate and analyze complex network elements (e.g. router, switch, optical mux); check their logical behavior

• Design and analyze network performance and AoS with logical models of traffic generators, protocols and network elements

• Study network behavior characteristics (e.g. throughput, blocking probability etc)

By Siemens

Petri nets in practice

• Example apps:

– TCP performance

– Security system design and automated code geneeration

– MAC design

– ….



Petri Nets - Summary

• PN Graph– places (buffers), transitions (action), tokens (data)

• Firing rule – Transition enabled if enough tokens in a place

• Properties– Structural (consistency, structural boundedness)

– Behavioral (reachability, boundedness, etc.)

• Analysis techniques

• Applications– Modeling of resources, mutual exclusion, synchronization




• Petri nets• Communicating Processes

– Communicating Sequential Processes, Ada, Kahn processes




• HW Models• Unified Modeling Language (UML)


Process

• A sequential program– Executes concurrently with other

processes

• Basic operations on processes– Create & terminate, suspend & resume,

join

• Process communication– Shared memory (and mutexes)

– Message passing

– Rendezvous

buttons

inside

elevator

Unit

Control

b1

down

open

floor

...

Request

Resolver

...

up/down

buttons on

each

floor

b2

bN

up1

up2

dn2

dnN

req

up

System interface

up3

dn3


ADA-rendez-vous

task screen_out isentry call_ch(val:character; x, y: integer);entry call_int(z, x, y: integer);

end screen_out;task body screen_out is...selectaccept call_ch ... do ..end call_ch;

oraccept call_int ... do ..end call_int;

end select;

Sending a message:

begin

screen_out.call_ch('Z',10,20);

exception

when tasking_error =>

(exception handling)

end;


Task graphs

Nodes are a „program“

described in some

programming language

Sequence

constraint


Task graphs - Timing

]

Arrival time deadline


Task graphs - I/O


Task graphs - Shared resources


Task graphs - Periodic schedules

.. infinite task graphs


Task graphs - Hierarchy


Your job is to design a process P with the sub tasks:

Q1(x,y) = (u,v)=(2x, x+y)

Q2(x,y) = 2x + y

Q3(x,y) = x + 2y

Assume you have an adder (2s, 1W) and a shifter (1s, 0.5W) to implement P.

Show the fastest possible schedule, and get the total energy consumption for P.

Do your results change if battery can supply maximum 1W at any point in time?

Design problem





– Communicating Sequential Processes, Ada

• Dataflow models– Kahn processes – DFG, SDFG



• Petri nets• HW Models• Unified Modeling Language (UML)

119


Kahn process network

processchannel

KPN - executable task graphs

Communication is via infinitely large FIFOs

Nonblocking write, blocking read => DETERMINATE

Important properties of KPN:Continuous

Output signals can be gradually produced; never have to consume all input to produce some output

MonotonicOutput depends on input but doesn’t change previous output

Continuous monotonic processes => ITERATIVE


Petri net model of a Kahn process

• KPNs are deterministic:

– Output determined by

• Process, network, initial tokens


Dataflow Process Networks

A

B

C D

modulate convolve

transform

A B C D

Z

Nodes with more complex

transformations

t1 t2

+ –

*

A B C D

Z

Nodes with arithmetic

transformations

t1 t2

Z = (A + B) * (C - D)

• Dataflow: – Maps input tokens to output tokens– Outputs function of current inputs

• No need to keep state on suspend/resume

– Scheduling for resource sharing


Dataflow process examples

• HW resource scheduling

– Constraints: 2 mult, 2 ALU

– List scheduler

– Additional constraints

• Performance

• Power

• Area etc.

*

NOP

*

*

<

*

*

+

NOP

1 2

3

4

5

6

7

*8

+9

10

11

0

n

T1

T2

T3

T4


Synchronous dataflow


SDF notation

• Nodes have rates of data production or consumption.

• Edges have delays.– Delays do not change rates, only the amount of

data stored in the system at startup.

+ -1 2

50


SDF examples

n1

n2

11

n32 1

21

n11

n3

1

1

n2

12D

D

126Tajana Simunic Rosing

SDF Scheduling

• By building a set of “flow and conservation” equations

3a – 2b = 0

4b – 3d = 0

b – 3c = 0

2c – a = 0

d – 2a = 0

Solution: a = 2c; b = 3c; d = 4c

Possible schedules:

BBBCDDDDAA

BDBDBCADDA

BBDDBDDCAA

…

SDF problem



Dataflow process examples

• Design of a first 802.11b WLAN card– New product – combines RF, MAC and PHY; lots of DSP

– Implemented on an ASIC

– Previous design hand coded VHDL

• System level design with COSSAP by Synopsys– Explore architectural trade-offs – what in gates, what on DSP

– Scheduling trade-offs: latency, area, propagation delay between clocks, and vendor library

• Results:– Reduced time to market by a factor of TWO!

– Architectural exploration within 10% of actual measurements in terms of timing and area

by Symbol Tech.





– Kahn processes, Communicating Sequential Processes

• Ada• Dataflow models

– DFG, SDFG



• HW Models• Unified Modeling Language (UML)


Discrete Events

• Notion of time is fundamental: global order– events are objects which carry ordered time info

– there is a casual relationship between events

• DE simulator maintains global event queue– Verilog, VHDL

• Expensive - ordering tame stamps can be time consuming

• Large state & low activity => effective simulation

• Simultaneous events lead to non-determinacy– require complex conflict resolution schemes

– e.g. delta delays


Simultaneous Events in the

Discrete Event Model

A B Ct

t

A B C

t

A B C

t

t

B has 0 delay B has delta delay

t+


VHDL: Entities

entity full_adder is

port(a, b, carry_in: in Bit; -- input ports

sum,carry_out: out Bit); --output ports

end full_adder;


VHDL: Architectures

architecture structure of full_adder iscomponent half_adder

port (in1,in2:in Bit; carry, sum:out Bit);

end component;component or_gate

port (in1, in2:in Bit; o:out Bit);

end component;

signal x, y, z: Bit; -- local signals

begin -- port map section

i1: half_adder port map (a, b, x, y);

i2: half_adder port map (y, carry_in, z, sum);

i3: or_gate port map (x, z, carry_out);

end structure;

architecture behavior of full_adder is

begin

sum <= (a xor b) xor carry_in after 10

Ns;

carry_out <= (a and b) or (a and carry_in) or

(b and carry_in) after 10

Ns;

end behavior;


VHDL processes & waits

Processes model HW parallelismprocessbegin

a <= b after 10 nsend process

begin

prod <= x and y ;

wait on x,y;

end process;

process (x, y)

begin

prod <= x and y ;

end process;

Waits:

wait until signal list;

wait until a;

wait until condition;

wait until c='1';

wait for duration;

wait for 10 ns;

wait; suspend indefinitely

wait on = sensitivity list


VHDL Simulation


VHDL Simulation of an RS FFarchitecture one of RS_Flipflop isbeginprocess: (R,S,Q,nQ)

beginQ <= R nor nQ;nQ <= S nor Q;

end process;end one;

0ns 0ns+ 0ns+2

R 1 1 1

S 0 0 0

Q 1 0 0

nQ 0 0 1

0001

1100

0000

0111

1st

2nd

cycles reflect the fact that no

real gate comes with zero delay.


VHDL Summary

• Entities and architectures

• Multiple-valued logic

• Modeling hardware parallelism by processes

– Wait statements and sensitvity lists

• VHDL simulation cycle

– cycles


SystemC: Motivation


SystemC: Methodology






• Ada • Dataflow models

– DFG, SDFG


• HW Models• Synchronous languages

– Cycle based models, Esterel, Lustre

• Unified Modeling Language (UML)


Levels of hardware modeling

1. System level

2. Algorithmic level

3. Instruction set level

4. Register-transfer level (RTL)

5. Gate-level models

6. Switch-level models

7. Circuit-level models

8. Device-level models

9. Layout models

10. Process and device models


Instruction level

Assembler (MIPS) Simulated semantics

and $1,$2,$3 Reg[1]:=Reg[2] Reg[3]

or $1,$2,$3 Reg[1]:=Reg[2] Reg[3]

andi $1,$2,100 Reg[1]:=Reg[2] 100

sll $1,$2,10 Reg[1]:=Reg[2] << 10

srl $1,$2,10 Reg[1]:=Reg[2] >> 10


Register transfer level: MIPSController

BP

C

Instr

ucti

on

reg

iste

r IR

Mem

ory

Speic

her

T

sign_

extend

4

*

AL

U

Reg

0

0

0

0

0

01

1

1

1

1

1

2

2

3

§

31:26

25:21

20:16

25:0

15:0

15:11

i2 a

2 a

1

i3

a3

a2

a1

PC

So

urc

e

Ta

rge

tWrite

AL

UO

p

AL

US

elA

AL

US

elB

RegW

rite

RegD

est

IRW

rite

Me

mR

ea

d

Me

mW

rite

PC

Write

*§31: 28

"00“


Gate-level model


Switch level model


Circuit level model


Device level

Measured and simulated currents


Layout model

din

powlo

powhi

dout


Process model

Simulated

Measured







– DFG, SDFG


• HW Models• Synchronous reactive languages




Reactive Synchronous Languages

• Assumptions– Instantaneous reactions

– Discrete events

– Static

• Cycle based models– Excellent for (single) clocked synchronous circuits

• Control flow oriented (imperative) languages– Esterel

• Data flow languages– Lustre, Signal

• Deterministic behavior

• Simulation, software and hardware synthesis, verification

Lustre example



Reactive Synchronous Models: Esterel Statements

• Emit S

• Present S then p else q end

• Pause

• P; Q, P||Q

• Loop p end

• Await S

• Abort p when S

• Suspend p when S

• Sustain S = (loop emit S; pause end)


Abort Statement

Normal termination

Aborted termination

Aborted termination,

Emit A preempted

Normal termination

B not checked in the

first cycle (like await)


Esterel Examples


Time in Esterel• Global clock with precise control over when

events appear– At every tick: read inputs, compute, output

• Statements– A bounded number in one cycle

• Emit, present, loop

– Take multiple cycles: • Pause, await, sustain

• Causality analysis– Deterministic & non-contradictory


Esterel Application Examples

TI used Esterel to automatically synthesize full coverage tests for a safety-critical design

Showed functional coverage covered only 30% of the design, with Esterl 100% covered

AirbusSignificant decrease in errors due to increase in automated code generation (40-70%)

e.g fly by wire controls & automatic flight control 70%, display computer 50%, warning & maintenance computer 40%

Major increase in productivity


Esterel Summary

Reactive synchronous language

Control flow oriented

Imperative syntax

Synchrony assumption useful for safety critical embedded systems

Convert timing relations to causal ordering

Used in verification

e.g. TI, Airbus







– DFG, SDFG


• HW Models• Synchronous reactive languages




UML (Unified modeling language)


UML - StateCharts


UML – Extended Petri Nets

„swimlane“


UML Summary UML

- State machine diagram (StateChart-like)

- Activity diagram (extended Petri nets)

- Deployment diagram (exec. arch.)

- Use case diagram

- Package diagram (hierarchy)

- Class diagrams

- Timing diagrams (UML 2.0), UML for real-time


Models and Languages Summary

• Multiple models and languages are essential for high-level design– Managing complexity by abstraction

– Formality ensures refinement correctness

– Model choice depends on• Class of applications

• Required operations (synthesis, scheduling, ...)

• Multiple MOCs can co-exist during all phases of design– Specification

– Architectural mapping and simulation

– Synthesis, code generation, scheduling

– Detailed design and implementation

– Co-simulation


Sources and References

• Peter Marwedel, “Embedded Systems Design,” 2004.• Frank Vahid, Tony Givargis, “Embedded System Design,” Wiley,

2002. • Wayne Wolf, “Computers as Components,” Morgan

Kaufmann, 2001. • Axel Jantsch, “Modeling Embedded Systems and SOCs,”

Morgan Kaufmann, 2004. • Alberto Sangiovanni-Vincentelli @ UCB• Mani Srivastava @ UCLA• Rajesh Gupta @ UCSD• Nikil Dutt @ UCI

modeling embedded systems - university of california, … · 2017-02-16 · –...

Documents